Showing posts with label rfid. Show all posts
Showing posts with label rfid. Show all posts

04 February 2009

Canadian Government Considers Open Source

The Canadian Government has put out a "Request For Information" (RFI) - essentially, a formal invitation for feedback on the topic.

Rather amusingly, the RFI speaks of "No-Charge Licensed Software":


Canada has a Request for Information (RFI) related to No-Charge Licensed Software (typically referred to as Free and Open Source Software or FOSS and also applicable to freeware). For the purpose of the RFI, No Charge Licensed Software means Licensed Software that is available at no charge for the Licensed Software and is typically made available as a free download from the Internet. No Charge Licensed Software may also have No Charge Software Support Services (NCSSS) available at no charge from the Internet.

The general aim of the request is as follows:

The purpose of the RFI is to help the Government of Canada (GC) put together guidelines related to the planning, acquisition, use and disposal of No Charge Licensed Software (NCLS). While there is already significant interest for No Charge Licensed Software within the Government of Canada there are many questions being asked, see below. There exists operationally a requirement to produce common guidelines that are fair, open and transparent and can be applied consistently across departments.

The objective of the RFI is to provide an opportunity for those interested to provide information they feel Canada should be aware of when developing internal guidelines related to the planning, usage and disposal of No Charge Licensed Software. Information that would be relevant to the development of guidelines will be appreciated. The information provided will be reviewed by Canada, as part of a process of producing No Charge Licensed Software Guidelines for Government of Canada End-Users.

There are also a series of specific questions the Canadian Government would like answered, which give a better idea of what its thinking about:

Q1. In the Overview, the Crown provided a definition for No Charge Licensed Software. Is this an appropriate definition?

Q2. What are reasonable criteria that the Crown should consider in a decision process for acquiring No Charge Licensed Software? Are there circumstances in which the acquisition of No Charge Licensed Software would not be advisable?

Q3. What factors other than price should be considered as part of an evaluation guideline for No Charge Licensed Software? Are there other factors beyond those outlined in Appendix A & B that the Crown should consider?

Q4. How should existing Government Furnished Equipment, Services, Service Level Agreements and internal resources be considered when evaluating the usage of No Charge Licensed Software?

Q5. How practical is No Charge Licensed Software? Are there hidden costs that need to be considered as part of the process of evaluating the alternatives available?

Q6. What are the general financial, technical and security risks associated with acquiring and using No Charge Licensed Software?

Q7. How do Open Standards and interoperability factor into evaluation considerations?

Q8. How does the technology factor into the evaluation consideration, such as ability to maintain and evergreen?

Q9. How does the Crown evaluate the flexibility of the licensing models for No Charge Licensed Software?

Q10. What impact will No Charge Licensed Software have on Government Licensed End-User Networks?

Obviously the Canadians are taking a rather cautious approach here, but it seems that they are seriously considering using more free software. You can submit your comments (in English or French) until the 19 February.

14 March 2007

Infoethics, Open Access, ODF and Open Source

Now here's something you might not expect from UNESCO every day:

The Infoethics Survey of Emerging Technologies prepared by the NGO Geneva Net Dialogue at the request of UNESCO aims at providing an outlook to the ethical implications of future communication and information technologies. The report further aims at alerting UNESCO’s Member States and partners to the increasing power and presence of emerging technologies and draws attention to their potential to affect the exercise of basic human rights. Perhaps as its most salient deduction, the study signals that these days all decision makers, developers, the corporate scholar and users are entrusted with a profound responsibility with respect to technological developments and their impact on the future orientation of knowledge societies.

It touches on a rather motley bunch of subjects, including the semantic Web, RFID, biometrics and mesh networking. But along the way it says some sensible things:

One primary goal of infoethics is to extend the public domain of information; that is, to define an illustrative set of knowledge, information, cultural and creative works that should be made available to every person.

Even more surprising, to me at least, was this suggestion:

UNESCO should meanwhile support open standards and protocols that are generated through democratic processes not dominated by large corporations.

The use of OpenDocument Format and other open formats should also be encouraged as they help mitigate lock-in to certain technologies. Other initiatives to consider include pursuing free and open software, as well as the “Roadmap for Open ICT Ecosystems” developed last year.

(Via Heise Online.)

28 February 2007

Patent Abuse

Oh, look. Here's yet another reason to get rid of patents:

Guess what? Radio frequency identification tags are insecure. But don't demonstrate the technology's problems at a security conference. If you do, HID Global, a manufacturer of access-control devices, might sue you for patent infringement.

...

The use of patent law to prevent vulnerability discovery and discussion is bitter irony, because a fundamental purpose of patent law is disclosure: In exchange for the right to exclude others from using, making or selling a novel invention, an inventor agrees to make public all the details. Once issued, patents are a searchable public record, and expire after 20 years.

17 November 2006

ID Cards: Cracked in All Senses

And talking of ID cards, here's more bad news.

Update: And how could I leave out the inimitable Mr. Lettice's wise words on the subject?

23 July 2006

The Great ID FUD

When will they ever learn?

Unlike traditional forms of identification, the VeriChip can’t be lost, stolen, misplaced, or counterfeited.

That's what the human-implantable RFID VeriChip site says. And this is what happened at the Hackers on Planet Earth (HOPE) 6 conference:

two presenters demonstrated the electronic equivalent of making a copy of an implanted RFID or radio frequency ID chip.

The point was to show just how easy it is to fool a detection device that purports to uniquely identify any individual.

So let's just do a quick recap: which technologies are available for establishing identity unambiguously these days?

Irises: nope
Faces: nope
Fingerprints: nope
DNA: nope
Implanted RFID: nope

So, tell me Mr Blair, how exactly you were going to implement this ID card system in a way that it can't be spoofed to hell?

21 July 2006

Tanenbaum Rides Again

For younger readers of this blog, the name Andy Tanenbaum may not mean much. But for oldies such as myself, it is highly redolent of those epic days when Linux was but a fledgling kernel, and taunts like "your mother was a hamster" and "Linux is obsolete" were thrown down like gauntlets.

I had the pleasure of interviewing Tanenbaum for my book Rebel Code, and it was fascinating to learn how close he came to creating what we now call GNU/Linux with his Minix. But Tanenbaum failed to do one crucial thing that Linus did almost without thinking: to let go. Understandably, as a professor of computer science Tanenbaum wanted to keep control of his teaching materials. But that one, tiny, reasonable brake was enough to stunt the growth of Minix and lend wings to Linux when it appeared in 1991.

Tanenbaum is still teaching, at the Vrije Universiteit in Amsterdam (another Dutch story, then - must be the Rembrandt Effect), and I was interested to note this piece about some of his recent work on developing an anti-RFID device. Good to see him still moving forward in his work. (Via openspectrum.info.)

05 July 2006

From the Commons to...Managed Parks?

One of the areas where the commons is being increasingly invoked is that of radio spectrum, the idea being that there can be frequencies "held in common" for the benefit of all. WiFi is a good example, and more and more jurisdictions are looking to create spectrum commons of one kind or another in order to encourage innovation with the minimum of regulation.

But here's an interesting twist from New Zealand, which is considering creating both "public parks" and "managed parks" for radio spectrum:

A "public park" is analogous to common land, with complete freedom of entry balanced by a requirement that users do not interfere with the activities of other licensees. In New Zealand, limits and conditions of use are defined by a General User Licence (GUL). A common condition of use is operation on a non-interference basis which means that a (General User Radio Licence) GURL licensee shall not cause interference to, nor claim protection from, other licensed services. As a result, issues of interference are normally resolved between users, as a matter of common interest.

"Public parks" can be used for a variety of other purposes including, for example, security detectors, cordless phones, radio-controlled devices, medical monitors and RFID labels. It is possible that, at a local level, this may continue to be a satisfactory environment for some broadband service providers.

...

The Ministry has also been considering combining the advantages of the "public park" with features of the spectrum licence, by establishing "Managed Parks". If "public park" spectrum is analogous to common land, then the Managed Park is akin to a publicly-owned sports ground, in that there is a gate-keeper, consent is required to gain admission and users can engage only in the activities for which the facility is provided.

Aren't metaphors a wonderful thing? (Via Openspectrum.info.)

02 July 2006

Will RFID Go Phut?

Many people have expressed concerns about the privacy implications of Radio Frequency Identification (RFID) technology. But until now, RFID proponents have tended to ignore these issues, claiming that benefits outweigh the risks. However, now that the US Government seems to be worried too, the RFID community may find selling those benefits rather harder. (Via Openspectrum.info.)

04 February 2006

"I Am Not a Number - I Am a Free Man!"

Tagging objects with unique, artificial DNA sequences that act as a barcode is not new; but I had no idea that it had progressed to the point where it was almost routine, as in this collectibles tagging service. It works by marking the object with an invisible ink containing small quantities of a synthetic DNA tag.

Although the collectibles story mentions using lasers and fluorescence to authenticate the tag, a more scalable approach would be to read the DNA directly: that requires fast, cheap DNA sequencers, and there's plenty of those under development.

As the cost of DNA synthesis and sequencing plummets, so this kind of barcoding is likely to become common. It's easy to apply, does not disfigure the object as a conventional barcode does (to say nothing of an RFID chip), and so does not need to be removed when the customer takes the item home.

But there is a dangerous downside to this ingenious approach. It will make the idea of DNA tagging uncomfortably mundane. And once people are used to the practice in their daily lives, it's only a short step for companies and governments to move on to identifying people by some very special sequences of DNA - their own.

The big advantage is that you don't even need to apply the invisible ink: practically every cell in our body already has the DNA tag. That tag is unique (modulo the odd identical twin), and you can't change your underlying genomic sequence (local mutations aside). In effect, this DNA forms your very own permanent identification number - written in the quaternary digits A, C, G and T - that is ideal for key documents like passports, driving licences and health cards. What government could pass up the opportunity to adopt such a logical approach?

Moreover, because the number never changes, you leave behind in your life a continuous trail of DNA tags - in the form of discarded cells (hair, skin, saliva, blood) - that forms a complete record of where you went. Put another way, for any given event, governments will be able confidently to assign names to most of the people who were involved, as well as to innocent witnesses - sorting out which is which is merely a forensic detail - on the basis of the genomic calling-cards they inevitably leave behind.

So much for freedom, Number 6.